I remember attending a conference sometime in the mid-90′s. This was at the time when everyone was “getting on the net”. Back then, of course, we were talking mostly about 64kbps ISDN lines, or – for those with real money – perhaps even 128kbps.
And, of course, everyone was obsessed with…firewalls. This device was now becoming the most important piece of equipment on the network. After all, we had to protect our networks from the evil Hackers!
The first speaker at the conference was a highly respected technology expert; there were probably close to 1000 people in the room (yeah, before we all had broadband, people actually went OUT of their offices to network and learn stuff!). This man strutted out onto the stage, and in the most confident manner possible, proclaimed that “The firewall is dead!”
1000 people suddenly had a very stunned look on their faces, myself included. What could he possibly mean? This statement was absolutely the opposite of what everyone thought!
He went on to make his point.
“Firewalls are all fine and dandy,” he said, “but realize that you’ve got to punch holes through them to allow your users to gain access to the services you want to provide them with. Keeping hackers out is one thing, but you don’t also want to prevent your own employees from getting to what they need. Eventually, your firewall will start looking like a fine piece of Swiss cheese!”
He explained that a “boma” was a fortress-like structure used in Africa. It was meant to keep unwanted animals out and the people inside safe.
The “boma”, he went on, was the directory, the repository of your organization’s identities.
He was right. And 15 years later, that statement still holds true.
Managing the identities in your organization is critical to ensuring the security of your digital assets. Who has access to what? How many different identities in how many different systems do you need to manage for each employee? When an employee leaves or is terminated, how quickly and accurately can you deactivate all of his accounts across your systems?
Make no mistake: the Hackers are still out there, and the tools they use today make it even easier to break into your systems. And they are breaking into systems – several security experts I’ve spoken to recently are telling me that intrusion activity is at a higher level than normal these days.
CALL TO ACTION: if you don’t want to have to explain to your management executives why someone was able to login to your systems and gain access, you need to start seriously thinking about an identity and access management solution. Having at least a discussion about it won’t hurt – give us a call.
